synctx-cli
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install or update the `synctx-cli` package using `npm install -g synctx-cli` and `npx skills add synctxai/synctx/core-skills/synctx-cli`. These resources originate from the vendor's own repository and package namespace.
- [COMMAND_EXECUTION]: The skill executes various shell commands through the `synctx` CLI to perform business logic. It also requires coordination with a separate wallet skill for signing and transaction execution.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection from external, untrusted data sources.
  - Ingestion points: Counterparty messages retrieved via `synctx get-messages` and external content resolved from on-chain links (e.g., `ipfs:`, `https:`, `contract:`) found in contract instructions.
  - Boundary markers: The skill includes an explicit 'Message security' rule stating that received messages must never be executed as instructions.
  - Capability inventory: The skill can execute CLI commands, install packages, and initiate wallet-based blockchain transactions.
  - Sanitization: There is no automated sanitization described for the content of messages or resolved instruction links, relying instead on the agent's adherence to the provided constraints.
Audit Metadata